Network Considerations

This page details the ports, protocols and firewall rules needed to ensure connectivity between the Devin App, Devin Engine, and all Devin Server environments.

Devin App ↔ Devin Server

First, make sure your computer can access your Development Server. The Devin App on your PC only ever connects to the Devin Engine on that server. In practice, this means that your Development Server's firewall should allow incoming connections from your PC's IP address.

Default FileMaker Server Requirements

Both port 443 and 5003 are part of a default FileMaker Server installation. If you’re already hosting files through FileMaker Server, they’re almost certainly open and configured correctly—no extra network changes should be required to connect your Devin App to your Development Server.

Protocol
Port
Purpose

HTTPS

443

FileMaker Server API access

FMNET

5003

FileMaker Pro access to hosted fmp12 files (Devin Engine)

If you’ve enabled FileMaker’s HTTPS tunneling feature, all client traffic (including FMNet) is routed over HTTPS/443, so you no longer need to open port 5003.

Devin Server ↔ Devin Server

All traffic to Staging or Production servers is routed through your Development Server. The Devin App never connects to them directly. In practice, this means that your Staging or Production servers must allow incoming connections from your Development Server (see table below).

Environment-Specific Requirements

Scenario
Development Server (Outbound)
Staging/Production Server (Inbound)

Internet-Exposed

Allow HTTPS on TCP/443

Accept HTTPS on TCP/443 only from Development Server's IP

Internal (LAN/VPN)

Allow HTTPS on TCP/443

Permit HTTPS on TCP/443 per ACL

On the Development Server, the Devin Engine and Devin Server API communicate locally over HTTP on localhost:45712 (configured automatically at install). When the Development Server reaches out to other Devin Servers, it uses HTTPS (default port 443) through the same IIS or Nginx web server that FileMaker Server uses for Admin Console, WebDirect, and Admin/Data/OData APIs, leveraging your existing SSL certificate and reverse-proxy settings for end-to-end encryption.

Last updated

Was this helpful?